
CIFSwitch Linux Vulnerability Allows Unprivileged Users to Gain Root Access via CIFS Flaw

By Andrew Lukoshko, AlmaLinux Lead Architect

2d ago · 5 min read · en · News

Summary

A new Linux local-root privilege escalation vulnerability named CIFSwitch has been disclosed by researcher Asim Manizada. The flaw combines a userspace request-key helper from cifs-utils with a missing input check in the kernel's CIFS client, allowing any unprivileged user on systems with cifs-utils installed, the CIFS kernel module loadable, and unprivileged user namespaces enabled (default on AlmaLinux) to gain root access. A CVE has been requested but not yet assigned.

Key quotes

A new Linux local-root vulnerability, nicknamed CIFSwitch by its discoverer Asim Manizada, was disclosed today on oss-security after the linux-distros embargo expired.
The flaw chains a userspace request-key helper from cifs-utils with a missing input check in the kernel's CIFS client.
Any unprivileged user on a system that has cifs-utils installed, the CIFS kernel module loadable, and unprivileged user namespaces enabled (the default on every supported AlmaLinux release) can pivot to root.
Snippet from the RSS feed
A new Linux local-root vulnerability, nicknamed CIFSwitch by its discoverer Asim Manizada, was disclosed today on oss-security after the linux-distros embargo expired. A CVE has been requested but is not yet assigned at the time of writing. The flaw chain
